package com.esiran.payadmin.shiro.filter;

import com.esiran.payadmin.shiro.token.AdminAuthToken;
import com.esiran.payadmin.shiro.token.MultipleRealmToken;
import com.esiran.payadmin.shiro.token.UserAuthToken;
import com.esiran.payadmin.util.CookieUtil;
import com.esiran.payadmin.util.JWTUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.util.StringUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class UserAuthFilter extends FormAuthenticationFilter {

    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
        MultipleRealmToken multipleRealmToken = (MultipleRealmToken) token;
        String jwtToken = createUserToken(multipleRealmToken.getUsername());
        Cookie tokenCookie = new Cookie("token_v1",jwtToken);
        CookieUtil.addCookie((HttpServletResponse) response,tokenCookie);
        return super.onLoginSuccess(token,subject,request,response);
    }

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
//        HttpServletRequest hsq = (HttpServletRequest) request;
//        String token = CookieUtil.getCookieVal(hsq,"token_v1");
//        if (StringUtils.isEmpty(token)){
//            return false;
//        }
//        return true;
        return false;
    }

    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {
        UsernamePasswordToken upt = (UsernamePasswordToken) super.createToken(request, response);
        return new UserAuthToken(upt.getUsername(),String.valueOf(upt.getPassword()));
    }
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (isLoginRequest(request,response)){
            if (isLoginSubmission(request,response)){
                return true;
            }
            return true;
        }
        HttpServletRequest hsq = (HttpServletRequest) request;
        String token = CookieUtil.getCookieVal(hsq,"token_v1");
        if (StringUtils.isEmpty(token)){
            saveRequestAndRedirectToLogin(request, response);
            return false;
        }
        try {
            getSubject(request,response).login(new UserAuthToken(
                    token,"xxx"));
        }catch (Exception e){
            saveRequestAndRedirectToLogin(request, response);
            return false;
        }
        return true;
    }

    private Integer getUserIdForToken(String token){
        String subject = JWTUtil.checkAccessToken(token);
        if (subject == null){
            return null;
        }
        return Integer.parseInt(subject);
    }


    private AuthenticationToken createJWTToken(ServletRequest request, ServletResponse response){
//        String token = CookieUtil.getCookieVal(hsq,"token_v1");
        return null;
    }

    private String createUserToken(String username){
        return JWTUtil.createAccessToken()
                .withSubject(username)
                .sign(JWTUtil.getAlgorithm());
    }
}
